Subscription to the full report on a daily basis can be obtained:
Send an eMail to dhsdailyadmin@mail.dhs.osis.gov with the subject "DHS Daily Open Source Infrastructure Report" and the following line in the body...subscribe.
To obtain a complete copy of the current report proceed to the DHS link below.
To obtain reports more than 10 business days old, send an eMail to DHS_Reports@e-computer-security.com. Be specific as to the reports you wish to receive.

• About 200 retail outlets in Northwest Indiana
and the Chicago area were supplied with off-specification regular grade
gasoline, which can damage vehicles that use it, and is part of BP’s 2.1
million gallon recall. – Merrillville Post-Tribune

4.
August 22, Merrillville Post-Tribune –
(Indiana; Illinois) More than 200 gas stations had bad gas. About 200
retail outlets in Northwest Indiana and the Chicago area were supplied with the
off-specification regular grade gasoline that is part of BP’s 2.1 million
gallon recall. The tainted gasoline contained a higher than normal level of
polymeric residue, which can lead to hard starting and other drivability
issues, Merrillville Post-Tribune reported August 22. ―The company continues to
go through its shipping records and is contacting retailers who may have loaded
tanker trucks with the off-specification fuel and is replacing it with
on-specification product,‖ BP said in the statement. A BP spokesman said all of
the company’s resellers have been instructed to bag their pumps and not sell
regular or mid-grade gasoline until BP is able to pump out the tanks. The
spokesman said midgrade gasoline is included in the order not to sell because
most gas stations only have two underground storage tanks, one for regular and
one for premium grade fuels. Midgrade fuel is mixed from those two tanks on
site. The polymeric substance causing the problems is a naturally occurring
byproduct of the refining process. BP has not yet been able to identify how the
larger than normal levels of the polymeric substance got into the two cargos of
fuel, the larger at the BP Whiting terminal and the smaller at the Milwaukee
terminal. Drivers from around the region have been seeking repairs after
filling up at stations including but not limited to BP, Speedway, Luke Oil,
Costco, and Family Express. Source: http://posttrib.suntimes.com/news/lake/14661181-460/more-than-200-gas-stations-had-bad-gas.html

• Authorities blew
two holes in a tanker truck containing isobutane August 23, to ignite and vent
the truck more than 24 hours after an accident on Interstate 10 in Baton Rouge,
Louisiana. The crash forced authorities to close the highway for nearly 7
hours, and evacuate many homes and businesses. – Baton Rouge Advocate

14.
August 23, Baton Rouge Advocate –
(Louisiana) Tanker wreck burns in BR; I-10 open both directions. Authorities
blew two holes in a tanker truck containing isobutane August 23, igniting a
huge fireball as they prepared to move the damaged rig from the accident scene
on Interstate 10 near Essen Lane in Baton Rouge, Louisiana. Interstate 10
reopened in both directions by August 23, after being closed for nearly 7
hours. Authorities’ evacuated residents within 500 yards of the accident prior
to the controlled ―vent and burn.‖ Traffic in the capital city was snarled
throughout the day after both the eastbound and westbound lanes were closed on
I-10 between Essen and Bluebonnet Boulevard following the accident. The truck
was carrying 8,700 gallons of isobutane. Two people involved in the accident
were hospitalized with minor injuries. The Red Cross opened a shelter for
evacuated residents, a spokeswoman said. Local businesses were struggling with
the logistics of moving products and materials. A shelter-in-place in effect
August 22 at nearby Our Lady of the Lake Regional Medical Center on Essen Lane
was lifted early August 23, said a deputy director of the East Baton Rouge
Parish Emergency Medical Services. Source: http://theadvocate.com/home/3698836-125/evacuation-set-for-10-pm

• A week of
torrential rain in Alaska delayed air traffic, flooded a landfill, and caused
problems for a village’s supply of drinking water. – Anchorage Daily News

30. August
21, Anchorage Daily News – (Alaska) Torrential rains cause numerous
woes in Northwest Alaska. Recent torrential rain in northwest Alaska
delayed air traffic, flooded a landfill, and caused problems for one village’s
supply of drinking water. An unusual low pressure front over the Chukchi Sea
poured rain on the region beginning August 13, said a National Weather Service
(NWS) hydrologist and meteorologist. Nine inches fell at the Red Dog Mine area
between August 13 and 19, he said, half the rain the area normally gets for an
entire year. In Ambler, rains almost washed out a bridge used to access
subsistence hunting areas, said a member of the Northwest Arctic Borough. In Kiana,
four unopened shipping containers were partly underwater because of high waters
on the Kobuk River. Planes ferrying workers to and from the Red Dog Mine were
delayed August 15 to 19 due to poor visibility. In the village of Kivalina, a
flooded landfill contaminated berry-picking grounds, and a lack of safe
drinking water delayed the start of the school year. The rain-swollen Wulik and
Kivalina rivers washed into the lagoon to the east of the village, and high
water in the lagoon flooded the landfill, contaminating water. Delays in
replenishing the village’s water supply were compounded by the rains because
the tanks can not be filled with water from the river because it is muddy and
filled with debris. Source: http://www.adn.com/2012/08/20/2594837/torrential-rains-cause-numerous.html

• Two inmates housed
at different Indiana prisons ran a drug ring that distributed methamphetamine,
heroin, and other drugs thanks to cellphones smuggled in by guards, according
to a federal indictment that charged 40 people. – Associated Press

43.
August 22, Associated Press –
(Indiana; National) 40 indicted in drug ring run from Indiana prisons. Two
inmates housed at different Indiana prisons ran a drug ring that distributed
methamphetamine, heroin, and other drugs thanks to cellphones smuggled in by
guards, according to a federal indictment unsealed August 22 that charged 40
people in connection with the scheme. The indictment alleged that the purported
ringleader and an inmate at another prison even held a conference call with a
third man using smuggled cellphones to discuss ―pooling their financial
resources‖ to get a discount on heroin. At least 17 people appeared in court
August 22 in Indianapolis after about 300 FBI agents fanned out across the
State and made arrests. A judge ordered them to remain in custody. Only one
prison guard was among those charged, though the indictment alleged several were
involved. The indictment detailed a series of alleged phone calls the two men
placed to people outside the prisons, including to oversee the purchase of
―large amounts‖ of heroin from a source in Chicago. They also instructed people
how and where the drugs should be sold. Source: http://www.abc6.com/story/19344753/40-indicted-in-meth-ring-run-from-ind-prison

• The reservoir at
the former Piney Point fertilizer plant near Port Manatee, Florida, is in
jeopardy of overflowing and spilling millions of gallons of polluted water into
Bishop Harbor and Tampa Bay due to recent rains and the threat of Tropical
Storm Issac. – Sarasota Herald Tribune

58.
August 22, Sarasota Herald Tribune –
(Florida) Isaac could flood Piney Point reservoir, sending toxic water into
Tampa Bay. The reservoir at the former Piney Point fertilizer plant near
Port Manatee, Florida, is in jeopardy of overflowing due to recent rains and
the threat of Tropical Storm Issac. The reservoir could potentially spill
millions of gallons of polluted water into Bishop Harbor and Tampa Bay, the
Sarasota Herald-Tribune reported August 22. To avoid a spill, the Florida
Department of Environmental Protection (DEP) is allowing HRK Holdings LLC,
which owns the plant, to pipe some of the toxic water into another reservoir at
the site although it was not intended to hold such water. The main reservoir is
not in danger of imminent collapse, officials said, but recent rain is adding
to the problem and if a tropical storm or hurricane dumps more, the situation
would become more tenuous. Further raising concerns, HRK has not provided the
DEP with any assurance that the site is secure to avoid an unauthorized release
of contaminated water during ideal conditions. The water is above the level
considered safe for the reservoir to hold and the DEP has not received an
inspection report from HRK showing that the reservoir walls are structurally
sound. A DEP spokeswoman said that while the ―maximum water design water level‖
was reached, there is 3.2 feet of freeboard remaining in the reservoir. Source:
http://www.heraldtribune.com/article/20120822/ARTICLE/120829855?p=1&tc=pg

Details

Banking and Finance Sector

9. August
23, Naples Daily News – (Florida) Judge orders ex-CEO to pay $31
million to FDIC. The ex-CEO of Naples, Florida-based Orion Bank was ordered
to pay more than $31 million to the Federal Deposit Insurance Corporation
(FDIC) for his leading role in a bank fraud conspiracy. At a restitution
hearing in Orlando August 22, a judge decided on the amount the ex-CEO should
pay the FDIC, which became the receiver for the local bank when it failed. The
amount was based on the losses the agency suffered when it took over the bank’s
fraudulent loans after selling most of Orion’s assets to IberiaBank. The ex-CEO
and his co-conspirators made the loans as part of a scheme to trick regulators
and make the bank appear in better financial shape than it was as it teetered
on the edge of collapse. The ex-CEO is currently serving a 6-year sentence
after pleading guilty to his involvement in the scheme. Source: http://www.naplesnews.com/news/2012/aug/23/judge-orders-jerry-williams-to-pay-31-million-to/

10. August
22, U.S. Securities and Exchange Commission – (New York) SEC
charges New York-based firm and owner in penny stock scheme. The U.S
Securities and Exchange Commission (SEC) August 22 charged a White Plains, New
York-based firm and its owner with conducting a penny stock scheme in which
they bought billions of stock shares from small companies and illegally resold
those shares in the public market. The SEC alleges that E-Lionheart Associates
LLC (which also does business under the name Fairhills Capital) and its owner
reaped more than $10 million in unlawful profits from selling shares they
bought at deep discounts from approximately 100 penny stock companies. No
registration statement was filed or in effect for any of the securities that he
and E-Lionheart resold to the investing public, and no valid exemption from the
registration requirements of the federal securities laws was available. Acting
at the owner’s direction, E-Lionheart personnel systematically ―cold called‖
penny stock companies to ask if they were interested in obtaining capital. If
the company was interested, E-Lionheart personnel would offer to buy stock at a
rate deeply discounted from the trading price of the company’s stock at that
time. The owner and E-Lionheart purported to rely on an exemption from
registration under Rule 504(b)(1)(iii) of Regulation D, which exempts
transactions in compliance with certain types of State law exemptions. However,
no such State law exemptions were applicable. Source: http://www.sec.gov/news/press/2012/2012-165.htm

11. August
21, Reuters – (National) Crowdfunding scams top investor threat —
regulators. State securities regulators have put the relatively new
investment phenomenon of crowdfunding at the top of their annual investment
scams list, highlighting a recent U.S. law that relaxed capital raising rules
on small firms, Reuters reported August 21. The North American Securities
Administrators Association (NASAA) evaluated emerging and ongoing threats to
investors in its 2012 list of top investor traps. The list also included
mid-size investment advisers and oil and gas drilling schemes. Crowdfunding,
which allows fundraising for projects via Web sites, is relatively new, and
scams are just getting started, the regulators said. Portions of the Jumpstart
Our Business Startups Act (JOBS Act), which go into effect in 2013, will push
crowdfunding from a ―donation‖ model to a true investment model, and that will
make it even more of a lure for swindlers, NASAA said. It also expressed
concern about mid-size investment advisers, who recently transferred to
supervision by State authorities instead of the Securities and Exchange
Commission (SEC). The most common scam NASAA highlighted was the ―Reg D/Rule
506 Private Offerings‖ that involves marketing investments not registered with
the SEC. The JOBS Act also relaxed regulations on this type of investment, and
allowed much broader advertising of these types of investment opportunities,
which NASAA said will make fraud easier. Source: http://www.reuters.com/article/2012/08/21/investing-scams-threats-idUSL2E8JLCVB20120821

Information Technology Sector

44. August
23, The H – (International) A $5,000 vulnerability in Facebook. A
security researcher disclosed a security hole in Facebook’s Web site. The
cross-site request forgery (CSRF) flaw allows an attacker to execute actions as
a logged-in user by accessing specific URLs. After Facebook introduced its App
Center functionality, the researcher found the anti-CSRF tokens in HTTP
requests are not validated on the server side and an attacker is therefore able
to add applications on the platform as another user. To execute this attack,
the attacker needs the victim to visit a specially crafted Web site, after
which malicious applications can be planted on the App Center. Anti-CSRF
measures like the ones employed by Facebook are supposed to prevent this kind
of attack by generating a token with every valid session that must be sent with
every request. Scripts on other Web sites have no access to this token and
therefore can not generate valid requests. In Facebook’s case, the App Center
pages did not actually check the token for validity, which allowed anyone to
send bogus requests and have them accepted. The Facebook Security team fixed
the vulnerability within 1 day of being contacted by the researcher. Source: http://www.h-online.com/security/news/item/A-5-000-vulnerability-in-Facebook-1673573.html

45. August
22, Softpedia – (International) RSA: Phishing attacks worldwide cause losses
of $687M in H1 2012. RSA’s FraudAction Research Labs revealed that in the
first half of 2012, phishing attacks caused businesses worldwide to lose $687
million. While this represents an increase compared to the same period of 2011,
it is actually a slight decrease to what companies experienced in the second
half of the same year. Other figures from the report show that compared to the
second half of 2011, the number of phishing attacks increased by 19 percent.
Experts from the Anti-Phishing Working Group noticed the attack duration median
actually went down to 11.72 hours per attack from 15.3 hours. If the duration
were to remain the same, the total losses would have been approximately $897
million. The main targets of the attacks recorded in the first 6 months of 2012
were the United Kingdom, the United States, Canada, Brazil, and South Africa.
Source: http://news.softpedia.com/news/RSA-Phishing-Attacks-Worldwide-Cause-Losses-of-687M-556M-in-H1-2012-287534.shtml

46. August
22, NBC News – (International) ‘Frankenstein’ virus could assemble itself
from app snippets. Two researchers at the University of Texas at Dallas
analyzing how malware disguises itself in order to propagate more widely
developed an experimental virus that builds itself out of pieces a user’s
computer knows to be safe. Many pieces of malware and viruses can be identified
by detection software because of known bits of malicious code. As such, malware
authors and security experts have tried different ways to camouflage malicious
code, such as encrypting it or adding garbage data to confuse the scanners. The
two researchers take these techniques a step further: their virus builds itself
out of bits of applications like a user’s word processor, image editor, or Web
browser. Currently, the malware is just a proof of concept, however, it is a
tactic hackers may try to implement in the future. The researchers labeled
their experimental malware ―Frankenstein.‖ Source: http://www.nbcnews.com/technology/technolog/frankenstein-virus-could-assemble-itself-app-snippets-959004

47. August
22, SecurityWeek – (International) Flash Player bug exploited by malicious Word
documents. Adobe patched the remote code execution vulnerability
(CVE-2012-1535) in Flash Player that could cause the application to crash and
potentially allow an attacker to take control of the compromised computer
August 14 as part of its regularly scheduled update. At the time, the company
said there were reports of the vulnerability being exploited in the wild in
―limited attacks‖ using malicious Word documents. Symantec researchers have
observed such attacks since August 10. The attacks used different email subject
lines, body text, and attachment file names, a Symantec researcher said. The
names and subject lines cover political and other newsworthy items, topics of interest,
as well as topics that may be of interest to specific industries and companies.
Source: http://www.securityweek.com/flash-player-bug-exploited-malicious-word-documents

48. August
22, PC Magazine – (International) McAfee fixes buggy antivirus update, resolves
errors. McAfee fixed the buggy update that disabled the security software
for many home and enterprise users the weekend of August 18. Users who received
the latest updates for McAfee’s consumer and enterprise versions of its
antivirus software August 17 found themselves unable to access the Internet or
encountering errors within the application, said messages posted on McAfee’s
community forums. Source: http://securitywatch.pcmag.com/none/301809-mcafee-fixes-buggy-antivirus-update-resolves-errors

49. August
22, PC Magazine – (International) Poor passwords cracked in seconds. A
Sophos researcher who reported on the initial hack of Phillips Electronics
recently, noted the plaintext password collection contained some extremely
simple choices. He also conducted an experiment cracking those password hashes.
He downloaded the free open-source tool John the Ripper to a basic laptop and
input the list of hashed passwords into the cracking tool. It cracked a quarter
of the passwords in 3 seconds or less, and fully half of them in 50 minutes.
When the researcher ended the test at 2 hours, John the Ripper had cracked 53
percent of the hashed passwords. Source: http://securitywatch.pcmag.com/none/301807-poor-passwords-cracked-in-seconds

50. August 22,
Ars Technica – (International) Password hints easily extracted from Windows
7, 8. A password reminder feature built in to recent versions of
Microsoft’s Windows operating system was recently discovered by a vulnerability
researcher from SpiderLabs. The password clues for Windows 7 and 8 are stored
in the OS registry in a scrambled format that can be easily converted into
human-readable form. That information would be useful to hackers who intercept
a cryptographic hash of a targeted computer, but are unable to crack it. The
researcher who documented the new Windows behavior wrote a script that
automates the attack and added it to Metasploit, an open-source toolkit popular
among whitehat and blackhat hackers. Source: http://arstechnica.com/security/2012/08/windows-8-password-hints/

51. August
22, Threatpost – (International) Fake Flash Player, laden with malware, making
rounds. Scammers began to take advantage of Adobe’s decision to remove its
Flash Player from Android’s Google Play marketplace the week of August 13. The
removal prompted scammers to start promoting fake versions of the software to
unsuspecting smartphone owners. While researching the scamware, security firm
GFI Labs uncovered a separate fake version of the Flash Player that is not only
fake, but an SMS trojan that comes bundled with adware. Source: http://threatpost.com/en_us/blogs/fake-flash-player-laden-malware-making-rounds-082212

Communications Sector

52.
August 22, Athens News – (Ohio) Phone
service being restored after cables severed. City officials estimating that
phone service to the north of Carpenter Street/Stimson Avenue in Athens, Ohio,
that had been out for 1 week would be restored August 23. Two phone cables were
cut August 16 when a contractor working for Columbia Gas drilled through them.
The outage, according to a release from Athens deputy service-safety director,
affected customers of Frontier north of Carpenter/Stimson, as well as all
Frontier customers on East State Street as far east as The Market On State. The
release said Frontier was ―working around the clock‖ to restore service to the
approximately 3,300 affected customers. ―This process is time-consuming due to
the nature of the communication lines that were destroyed, as each line in the
cable must be individually tested,‖ the release said. Source: http://www.athensnews.com/ohio/article-37603-phone-service-being-restored-ater-cables-severed.html

For
more stories, see items 44 and 51 above
in the Information Technology Sector

Links

About Me

U.S. Army Retired Chief Warrant Officer with more than 40 years in information technology and 35 years in information security. Became a Certified Information Systems Security Professional in 1995 and have taught computer security in Asia, Canada and the United States. Wrote a computer security column for 5 years in the 1980s titled "for the Sake Of Security", penname R. E. (Bob) Johnston, which was published in Computer Decisions.
Motto: "When entrusted to process, you are obligated to safeguard"